Skip to main content
close search
site logo
Dive Brief

To improve cybersecurity diversity, destroy the 'hacker in a hoodie' stereotype

Published April 17, 2018
Naomi Eide's headshot
Managing Editor
Naomi Eide for CIO Dive

Dive Brief:

  • Experts are quick to bemoan the glaring lack of diversity in cybersecurity, but proffered solutions have failed to close the gap. That's because the cybersecurity "industry is not ready to take diversity seriously," said Kim Jones, director of the Cybersecurity Education Consortium at Arizona State University, speaking at RSA Conference 2018 in San Francisco Monday.

  • Part of the problem is diversity messaging. Cybersecurity is considered "pale, male and stale," Jones said. The other stereotype is of hackers in hoodies, both messages that don't resonate with women and minorities. "[I'm] sick and tired of the hoodie," Jones said. The industry should instead focus on how cybersecurity is a profession dedicated to protecting and defending people, imagery that is far more effective than shadowy figures in sweatshirts stooped over glowing computer screens.

  • To make an impact across the industry, diversity discussions need to move into the "main hall," Jones said. Those present to discuss diversity shortcomings are often in an echo chamber. Instead, stakeholders need to be part of the conversation and work on creating a more diverse security workforce because it's the "right thing," Jones said.

Dive Insight:

For years the same statistic has been bandied about: Women make up less than 11% of the cybersecurity sector, a number that has remained unchanged since 2015.

Problems with diversity predated the talent shortage and will persist as the talent gap is closed. Organizations need to separate diversity from the talent pool issue and work to make the field more welcoming to women and minorities, according to Jones.

The talent gap is, of course, a critical issue for many organizations, both inside technology and across other sectors. There are more than 285,000 job openings in cybersecurity across  the U.S., a number which will continue to expand as the cyberthreat landscape becomes more challenging to navigate.

The cybersecurity industry needs an "extreme makeover" to keep up with talent demands, said Christine Izuakor, senior manager of global security strategy and awareness at United Airlines. If organizations rethought where talent comes from and required fewer rigorous credentials, recruiting would become more seamless.

Requiring years of experience to newcomers in the field will only work to turn qualified workers away, said Izuakor. Creating better opportunities for entry and rethinking qualifications will make it easier for candidates to enter into the workforce.

Companies cannot expect candidates to have security-specific degrees ether. After all, many security experts find the field by chance, and pipeline-qualified candidates exist outside of what companies are willing to consider as qualified.

Filed Under: Security, Leadership

Editors' picks

Company Announcements

View all | Post a press release
New Research Reveals AI's Impact on IT's Power, Status, and Pay
From 1E
November 21, 2024
PointFive is Apparently the Hottest Cloud Startup, Here is Why
From Jordan Mitchell
November 21, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
NeuBird Named a Cool Vendor in the 2024 Gartner® Cool Vendors™ in IT Operations Leveraging Gen…
From NeuBird
November 11, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell